Exploits & CVE's

Authored by Mohammed Alshehri DiskBoss version 11.7.28 suffers from an unquoted service path vulnerability. Change Mirror Download # Exploit Title: DiskBoss v11.7.28 - Multiple Services Unquoted Service Path# Date: 2020-8-20# Exploit Author:...

Authored by Carlos Roa Canon Inkjet Extended Survey Program version 5.1.0.8 suffers from an unquoted service path vulnerability. Change Mirror Download # Exploit Title: Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE'...

Authored by Hacker Fantastic A trivial to reach stack-based buffer overflow is present in libpam on Solaris. The vulnerable code exists in pam_framework.c parse_user_name() which allocates a fixed size buffer...

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org NtFileSins.py is a Windows file enumeration intel gathering tool. Change Mirror Download from subprocess import Popen, PIPEimport sys,argparse,re#MIT License#Copyright (c) 2020 John Page (aka hyp3rlinx)#Permission is...

Authored by LiquidWorm | Site zeroscience.mk iDS6 DSSPro Digital Signage System version 6.2 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the...

Authored by LiquidWorm | Site zeroscience.mk The CAPTCHA function for iDS6 DSSPro Digital Signage System version 6.2 is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication...

Authored by LiquidWorm | Site zeroscience.mk iDS6 DSSPro Digital Signage System version 6.2 suffers from a privilege escalation vulnerability. An authenticated user can elevate his/her privileges by calling JS functions...

Authored by C0wnuts SmartBlog version 2.0.1 suffers from a remote blind SQL injection vulnerability. Change Mirror Download # Exploit Title: SmartBlog 2.0.1 - 'id_post' Blind SQL injection# Date: 2020-11-05# Exploit Author: C0wnuts#...

Authored by Andrey Stoykov BlogEngine version 3.3.8 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: BlogEngine 3.3.8 - 'Content' Stored XSS# Date: 11/2020# Exploit Author: Andrey...

Authored by Dawid Golunski Proof of concept git-lfs remote code execution exploit written in Go. Affects Git, GitHub CLI, GitHub Desktop, Visual Studio, GitKraken, SmartGit, SourceTree, and more. advisories | CVE-2020-27955 Change...